Windows Autopilot is a powerful tool that simplifies the deployment and management of new Windows devices. Whether you’re an IT professional or a tech-savvy individual, this guide will walk you through the process of setting up Windows Autopilot in Intune.
Introduction
Windows Autopilot streamlines the deployment process, allowing you to configure and set up new devices with minimal effort. This guide covers everything from prerequisites to the final deployment, ensuring a smooth and efficient setup.
Prerequisites
Before you begin, make sure you have the following:
- Microsoft 365 Subscription: Ensure you have an active Microsoft 365 subscription with Intune.
- Azure AD Premium: Required for device enrollment and management.
- Windows 10/11 Pro, Enterprise, or Education: The devices you plan to deploy must be running one of these versions.
- Internet Connection: A stable internet connection is necessary for device enrollment and configuration.
Microsoft Intune Configuration
A few things need to be configured in Microsoft Intune before we can start enrolling devices via Windows Autopilot:
- CNAME Validation
- Enrollment Status Page
- Deployment Profiles
The following steps will be performed from the Microsoft Endpoint Manager admin center. First, let’s have a look at the CNAME validation.
CNAME Validation
- Navigate to CNAME Validation: Go to Devices > Enroll Devices > Windows enrollment and click on CNAME Validation.
- Validate CNAME: Follow the instructions to validate your CNAME records. This step ensures that your devices can communicate with the Autopilot service.
Step 1: Register Devices with Windows Autopilot
- Collect Hardware IDs: Obtain the hardware IDs of the devices you want to enroll. You can use the
Get-WindowsAutopilotInfo.ps1
script to collect this information.
Get-WindowsAutopilotInfo.ps1
2. Upload Hardware IDs: Go to the Microsoft Endpoint Manager admin center, navigate to Devices > Windows > Windows enrollment > Devices, and upload the collected hardware IDs.

Step 2: Create an Autopilot Deployment Profile
1. Navigate to Profiles: In the Microsoft Endpoint Manager admin center, go to Devices > Windows > Windows enrollment > Deployment Profiles.

2. Create a New Profile: Click on Create profile and select Windows PC.

3. Configure Profile Settings: Provide a name for the profile and configure the settings according to your organization’s requirements. Common settings include:
Deployment Mode: Choose between User-Driven, Self-Deploying, or Pre-Provisioned.
Out-of-Box Experience (OOBE): Customize the OOBE settings, such as language, privacy settings, and account setup.

Step 3: Assign the Deployment Profile to Devices
1Select Devices: In the Devices section, select the devices you want to assign the profile to.

2. Assign Profile: Click on Assign profile and choose the deployment profile you created in the previous step.

Step 4: Configure Enrollment Status Page (ESP)
- Navigate to ESP: In the Microsoft Endpoint Manager admin center, go to Devices > Windows > Windows enrollment > Enrollment Status Page.
- Create a New ESP Profile: Click on Create profile and configure the settings to monitor the device setup process.
- Assign ESP Profile: Assign the ESP profile to the devices to ensure they meet the required configuration before the user can access the desktop.
Step 5: Deploy Applications and Policies
- Create Application Assignments: In the Microsoft Endpoint Manager admin center, go to Apps > Windows apps and create assignments for the applications you want to deploy.
- Configure Policies: Navigate to Devices > Configuration profiles and create policies to configure device settings, security, and compliance.
Step 6: Monitor and Manage Devices
- Monitor Deployment: Use the Microsoft Endpoint Manager admin center to monitor the deployment status of your devices.
- Manage Devices: Once devices are deployed, you can manage them through Intune, applying updates, policies, and troubleshooting issues as needed.
Common Mistakes to Avoid
- Incorrect Hardware IDs: Ensure that the hardware IDs you collect are accurate. Incorrect IDs can lead to devices not being recognized during the enrollment process.
- Incomplete Profile Configuration: Double-check all settings in your deployment profiles. Missing or incorrect settings can cause deployment failures or unexpected behavior.
- Network Issues: A stable internet connection is crucial. Network interruptions during the setup process can lead to incomplete configurations.
- Ignoring ESP Configuration: Properly configuring the Enrollment Status Page (ESP) is essential to ensure devices meet all requirements before users can access them.
- Overlooking Application Dependencies: Make sure all necessary application dependencies are included in your deployment. Missing dependencies can cause application installation failures.
- Insufficient Testing: Always test your deployment profiles and configurations on a small group of devices before rolling them out organization-wide.
Best Practices for Deployment
- Plan Ahead: Thoroughly plan your deployment strategy, including timelines, resources, and potential challenges.
- Document Everything: Keep detailed documentation of your deployment process, configurations, and any issues encountered. This will help in troubleshooting and future deployments.
- Regularly Update Profiles: Keep your deployment profiles and configurations up to date with the latest settings and best practices.
- Train Your Team: Ensure that your IT team is well-trained on Windows Autopilot and Intune to handle any issues that may arise.
- Engage with the Community: Participate in forums and user groups to stay informed about the latest updates, tips, and best practices from other IT professionals.
Conclusion
Setting up Windows Autopilot is a straightforward process that can significantly reduce the time and effort required to deploy new devices. By following this step-by-step guide, avoiding common mistakes, and adhering to best practices, you can ensure a smooth and efficient deployment, allowing your organization to focus on productivity and growth.